Show filters
1,099 Total Results
Displaying 351-360 of 1,099
Sort by:
Attacker Value
Unknown
CVE-2023-27257
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student information by unauthenticated attackers.
0
Attacker Value
Unknown
CVE-2023-27256
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers.
0
Attacker Value
Unknown
CVE-2023-26580
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers.
0
Attacker Value
Unknown
CVE-2023-26579
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows deletion of staff information by unauthenticated attackers.
0
Attacker Value
Unknown
CVE-2023-26576
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
0
Attacker Value
Unknown
CVE-2023-26575
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student and teacher data by unauthenticated attackers.
0
Attacker Value
Unknown
CVE-2023-26574
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
0
Attacker Value
Unknown
CVE-2023-26573
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials.
0
Attacker Value
Unknown
CVE-2023-26571
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and earlier allows modification of student data by unauthenticated attackers.
0
Attacker Value
Unknown
CVE-2023-26570
Disclosure Date: October 25, 2023 (last updated February 25, 2025)
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
0
